← Back to Legal & Compliance
Security & Technical Measures
Armour Consortium AI - Cart Recovery API
Legal Basis: Article 32 UK GDPR / EU GDPR | Last Updated: December 2025
1. Executive Summary
Armour Consortium AI implements comprehensive security measures to protect data processed through the Cart Recovery API. Our architecture is designed around the principle of transient processing - we don't store personal data, eliminating the primary vector for data breaches.
2. Security Architecture
2.1 Core Principle: Transient Processing
| Aspect | Implementation |
|---|
| Data Lifecycle | Milliseconds (request → response) |
| Storage | None - processed in memory only |
| Database PII | None stored |
| Log Files | No personal data logged |
| Backups | N/A - nothing to back up |
You can't breach what you don't store.
2.2 Architecture Diagram
[Client] --TLS 1.3--> [API Gateway] --Memory--> [Ensemble Processing] --TLS--> [Sub-processors]
|
v
[Rate Limiting]
[Input Validation]
[Consent Enforcement]
|
v
[Response Generated]
|
v
[Memory Cleared]
3. Technical Security Measures
3.1 Encryption
| Layer | Measure | Standard |
|---|
| In Transit | TLS 1.3 | All API communications |
| At Rest | N/A | No data stored |
| Sub-processor | TLS 1.2+ | All outbound Ensemble calls |
3.2 Access Control
| Measure | Implementation |
|---|
| x402 Authentication | Cryptographic payment verification |
| Internal Bypass | 256-bit secret, timing-safe comparison |
| Rate Limiting | 220 requests/minute global |
| Wallet Verification | Base network transaction validation |
3.3 Input Validation
| Check | Implementation |
|---|
| Schema Validation | Strict JSON schema enforcement |
| Type Checking | All fields validated for expected types |
| Length Limits | Maximum field lengths enforced |
| Injection Prevention | Input sanitisation for Ensemble prompts |
| Malicious Payload Detection | Pattern matching for attack vectors |
3.4 Output Security
| Measure | Implementation |
|---|
| Content Sanitisation | HTML outputs sanitised |
| No PII in Logs | Personal data never logged |
| Response Validation | Outputs checked before return |
4. Infrastructure Security
4.1 Hosting Environment
| Aspect | Implementation |
|---|
| Platform | Replit cloud infrastructure |
| Isolation | Container-based isolation |
| Networking | Private networking for internal services |
| Egress | Restricted to approved sub-processors |
4.2 Database Security
| Measure | Implementation |
|---|
| Provider | Neon (serverless PostgreSQL) |
| Data Stored | Anonymised analytics only |
| PII Stored | None |
| Encryption | Neon-managed encryption at rest |
| Access | Connection string in secrets manager |
4.3 Secrets Management
| Measure | Implementation |
|---|
| API Keys | Environment secrets, never in code |
| Rotation | Regular rotation schedule |
| Access Logging | Secret access is audited |
| Least Privilege | Minimal necessary access |
5. Application Security
5.1 Security Headers
| Header | Value |
|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-XSS-Protection | 1; mode=block |
Content-Security-Policy | Restrictive policy |
5.2 CORS Policy
| Setting | Value |
|---|
| Allowed Origins | API clients only |
| Allowed Methods | GET, POST as appropriate |
| Credentials | Not required |
5.3 Error Handling
| Principle | Implementation |
|---|
| No Stack Traces | Never exposed to clients |
| Generic Errors | Non-specific error messages |
| Error Logging | Internal only, no PII |
| Graceful Degradation | Multi-tier failover |
6. Operational Security
6.1 Monitoring
| Aspect | Implementation |
|---|
| Health Checks | /api/x402/health endpoint |
| Uptime Monitoring | Automated availability checks |
| Error Rate Tracking | Anomaly detection |
| Rate Limit Monitoring | Abuse detection |
6.2 Incident Response
| Phase | Action |
|---|
| Detection | Automated monitoring, anomaly alerts |
| Containment | Rate limiting, IP blocking capability |
| Assessment | Root cause analysis |
| Notification | 72-hour notification to affected Controllers |
| Recovery | Service restoration procedures |
| Lessons Learned | Post-incident review |
6.3 Business Continuity
| Measure | Implementation |
|---|
| Proprietary multi-model Failover | Three-tier AI provider redundancy chain |
| Never 5xx | System always returns usable content |
| Timeout Handling | 8000ms provider timeout with fallback |
| Degraded Mode | Reduced functionality vs. failure |
7. Consent & Compliance Enforcement
7.1 Technical Consent Enforcement
| Check | Implementation |
|---|
| SMS Opt-Out | accepts_sms_marketing: false blocks SMS/WhatsApp |
| Email Opt-Out | accepts_email_marketing: false blocks email |
| Dual Opt-Out | Both false = COMPLIANCE_BLOCKED, no Ensemble processing |
| Validation | Consent flags validated on every request |
7.2 Compliance Logging
| Event | Logged |
|---|
| COMPLIANCE_BLOCKED | Anonymised count |
| Channel Suppression | Anonymised statistics |
| Request Volume | Aggregate only |
| PII | Never logged |
8. Sub-Processor Security
8.1 Due Diligence
| Check | Frequency |
|---|
| Security Certifications | Verified at engagement |
| SOC 2 / ISO 27001 | Annual verification |
| Privacy Policy Review | Annual |
| DPA in Place | Confirmed before use |
8.2 Data Minimisation to Sub-Processors
| Sent | Not Sent |
|---|
| First name | Email address |
| Cart items | Phone number |
| Cart value | Customer ID |
| Brand voice | Order history |
Only data necessary for content generation is transmitted.
9. Security Testing
9.1 Testing Programme
| Test Type | Frequency |
|---|
| Automated Vulnerability Scanning | Continuous |
| Dependency Scanning | On deployment |
| Code Review | All changes |
| Penetration Testing | Annual (planned) |
9.2 Vulnerability Management
| Severity | Response Time |
|---|
| Critical | 24 hours |
| High | 72 hours |
| Medium | 7 days |
| Low | 30 days |
10. Physical Security
| Aspect | Implementation |
|---|
| Data Centre | Cloud provider managed |
| Physical Access | Provider-controlled |
| Environmental | Provider-managed |
As a cloud-hosted service, physical security is delegated to infrastructure providers (Replit, Neon).
11. Personnel Security
| Measure | Implementation |
|---|
| Access Control | Role-based, least privilege |
| Training | Data protection awareness |
| Confidentiality | Contractual obligations |
| Offboarding | Immediate access revocation |
12. Security Certifications
| Certification | Status |
|---|
| SOC 2 Type II | Target 2026 (pending scale) |
| GDPR Compliance | Implemented |
13. Audit & Documentation
| Document | Availability |
|---|
| Security Policy | This document |
| Penetration Test Reports | Upon request (with NDA) |
| Compliance Certifications | Upon request |
| Incident History | None to date |
14. Security Contact
For security concerns or to report vulnerabilities:
Email: hello@armourconsortium.ai
Subject: Security - [Brief Description]
We aim to acknowledge security reports within 24 hours.
15. Version History
| Version | Date | Changes |
|---|
| 1.0 | December 2025 | Initial security documentation |
This document describes the technical and organisational security measures implemented by Armour Consortium AI in accordance with Article 32 UK GDPR and EU GDPR.